Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/1be093-c108-43b3-bb52-0b9bfb19f2ee/1/uvT-AfqrZmLBHLWR_Xu9V4pbhMY.roa
File: uvT-AfqrZmLBHLWR_Xu9V4pbhMY.roa (raw, json)
Hash identifier: +NI9AdJXrBOPTgBJ16bi+gjHXvGgm+4j3ZOG8wz1NSI=
Subject key identifier: BA:F4:FE:01:FA:AB:66:62:C1:1C:B5:91:FD:7B:BD:57:8A:5B:84:C6
Certificate issuer: /CN=c0b8b92f9d62b5c3177d52eb36a532567ef4b0f2
Certificate serial: 01856FB113FA4A1029493A4ECAF6ADCBFECA
Authority key identifier: C0:B8:B9:2F:9D:62:B5:C3:17:7D:52:EB:36:A5:32:56:7E:F4:B0:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wLi5L51itcMXfVLrNqUyVn70sPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/1be093-c108-43b3-bb52-0b9bfb19f2ee/1/uvT-AfqrZmLBHLWR_Xu9V4pbhMY.roa
Signing time: Sun 01 Jan 2023 23:35:54 +0000
ROA not before: Sun 01 Jan 2023 23:35:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44622
IP address blocks: 91.223.1.0/24 maxlen: 24
195.162.8.0/23 maxlen: 23
91.222.208.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:b1:13:fa:4a:10:29:49:3a:4e:ca:f6:ad:cb:fe:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0b8b92f9d62b5c3177d52eb36a532567ef4b0f2
Validity
Not Before: Jan 1 23:35:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=baf4fe01faab6662c11cb591fd7bbd578a5b84c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:47:d5:8b:83:84:a3:64:d5:47:b6:8e:f5:07:
4f:48:70:85:92:bc:25:09:96:2a:9e:de:74:56:4a:
76:be:7c:f6:3b:1f:f6:95:8b:ce:1c:99:61:2b:62:
47:b0:6e:30:8a:40:ff:b4:6d:9b:09:78:6c:9e:1e:
f7:ff:6b:0a:d3:59:0b:be:bd:87:57:cb:5a:60:2e:
d7:9c:49:7d:b7:19:01:44:ba:3f:78:8f:e4:cb:ca:
40:27:99:1f:21:35:3f:d1:03:e8:c8:59:44:44:c8:
fd:52:f9:c2:05:a7:d4:ae:fc:15:b4:7d:bb:ab:c3:
1d:15:65:6f:72:85:0d:63:41:1b:9e:3e:26:01:64:
20:a3:16:af:ec:78:c2:dd:ba:e9:ff:85:ec:a0:df:
e9:28:62:57:27:a0:f6:9c:01:8b:6a:ac:a4:67:ff:
26:2c:50:ba:5d:b1:31:88:22:67:64:77:45:88:fc:
eb:bb:af:96:88:a5:03:3d:b7:72:d8:41:4a:d4:71:
e0:7e:a8:09:b9:98:3e:ff:63:35:4c:0c:12:b2:43:
f3:14:be:b6:2c:8c:4f:18:b7:a3:44:d9:ae:1e:21:
d0:33:c3:cd:43:38:09:a0:b0:ea:cb:6d:59:71:66:
1f:d8:76:9f:ca:7f:23:46:f2:27:d7:f1:a2:4f:db:
30:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:F4:FE:01:FA:AB:66:62:C1:1C:B5:91:FD:7B:BD:57:8A:5B:84:C6
X509v3 Authority Key Identifier:
keyid:C0:B8:B9:2F:9D:62:B5:C3:17:7D:52:EB:36:A5:32:56:7E:F4:B0:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wLi5L51itcMXfVLrNqUyVn70sPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/1be093-c108-43b3-bb52-0b9bfb19f2ee/1/uvT-AfqrZmLBHLWR_Xu9V4pbhMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/1be093-c108-43b3-bb52-0b9bfb19f2ee/1/wLi5L51itcMXfVLrNqUyVn70sPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.222.208.0/22
91.223.1.0/24
195.162.8.0/23
Signature Algorithm: sha256WithRSAEncryption
bf:03:9c:3d:7b:b2:d9:b1:57:e7:67:cc:71:ca:42:60:4e:4f:
f7:b8:11:a6:ee:c8:4a:c0:9a:f5:6f:fc:42:58:1b:66:d5:77:
1b:d9:cf:bc:fe:1b:6c:d2:59:79:79:5d:a1:b0:6c:ca:35:43:
4f:14:33:4d:42:b2:c7:a7:33:7d:f6:db:9d:85:2c:2c:df:12:
b1:50:c2:b7:72:a4:c6:3a:69:fc:51:6c:2f:1b:1c:26:cf:6e:
e9:6c:3b:81:06:1b:35:1f:b6:82:f7:9c:b7:ac:58:2e:28:aa:
b0:c6:9d:df:53:2d:a5:83:e3:4f:eb:29:e8:97:3b:93:b7:dc:
6b:85:12:ef:91:05:e9:0f:d6:13:22:9a:a2:bf:8b:f0:8e:bc:
26:89:ce:c5:e9:e3:d2:61:c3:d0:08:e5:6a:e8:62:cf:ee:05:
63:6e:b6:fa:39:10:71:76:db:91:0e:e8:48:10:28:86:84:bd:
7a:00:bc:a5:a3:b6:69:be:bd:e0:9f:17:7f:6a:70:a9:b3:fd:
1d:86:e6:e0:b8:db:99:5a:86:7a:66:11:79:00:f0:f2:fd:dc:
f7:2d:87:aa:26:51:8f:d0:84:9d:b9:15:16:b0:d9:93:ad:c5:
3d:66:c4:7c:49:d2:a9:e8:e4:2e:08:33:c6:70:e9:b7:84:da:
48:1f:ff:29
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvsRP6ShApSTpOyvaty/7KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwYjhiOTJmOWQ2MmI1YzMxNzdkNTJlYjM2YTUzMjU2N2Vm
NGIwZjIwHhcNMjMwMTAxMjMzNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWY0ZmUwMWZhYWI2NjYyYzExY2I1OTFmZDdiYmQ1NzhhNWI4NGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0fVi4OEo2TVR7aO9QdPSHCFkrwl
CZYqnt50Vkp2vnz2Ox/2lYvOHJlhK2JHsG4wikD/tG2bCXhsnh73/2sK01kLvr2H
V8taYC7XnEl9txkBRLo/eI/ky8pAJ5kfITU/0QPoyFlERMj9UvnCBafUrvwVtH27
q8MdFWVvcoUNY0Ebnj4mAWQgoxav7HjC3brp/4XsoN/pKGJXJ6D2nAGLaqykZ/8m
LFC6XbExiCJnZHdFiPzru6+WiKUDPbdy2EFK1HHgfqgJuZg+/2M1TAwSskPzFL62
LIxPGLejRNmuHiHQM8PNQzgJoLDqy21ZcWYf2Hafyn8jRvIn1/GiT9sw4wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLr0/gH6q2ZiwRy1kf17vVeKW4TGMB8GA1UdIwQY
MBaAFMC4uS+dYrXDF31S6zalMlZ+9LDyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0xpNUw1MWl0Y01YZlZMck5xVXlWbjcwc1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi8xYmUwOTMtYzEwOC00M2IzLWJiNTIt
MGI5YmZiMTlmMmVlLzEvdXZULUFmcXJabUxCSExXUl9YdTlWNHBiaE1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi8xYmUwOTMtYzEwOC00M2IzLWJiNTItMGI5YmZiMTlmMmVl
LzEvd0xpNUw1MWl0Y01YZlZMck5xVXlWbjcwc1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW97QAwQA
W98BAwQBw6IIMA0GCSqGSIb3DQEBCwUAA4IBAQC/A5w9e7LZsVfnZ8xxykJgTk/3
uBGm7shKwJr1b/xCWBtm1Xcb2c+8/hts0ll5eV2hsGzKNUNPFDNNQrLHpzN99tud
hSws3xKxUMK3cqTGOmn8UWwvGxwmz27pbDuBBhs1H7aC95y3rFguKKqwxp3fUy2l
g+NP6ynolzuTt9xrhRLvkQXpD9YTIpqiv4vwjrwmic7F6ePSYcPQCOVq6GLP7gVj
brb6ORBxdtuRDuhIECiGhL16ALylo7Zpvr3gnxd/anCps/0dhubguNuZWoZ6ZhF5
APDy/dz3LYeqJlGP0ISduRUWsNmTrcU9ZsR8SdKp6OQuCDPGcOm3hNpIH/8p
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:13 2025 by rpki-client